Title: | Information security and data protection legal and policy frameworks applicable to European Union institutions and agencies |
Authors: | Neil Robinson, Author ; Jan Gaspers, Author |
Material Type: | report |
Publisher: | Santa Monica, CA : The RAND Corporation, 2014 |
Series: | Research reports |
Format: | 1 online resource (viii, 62 p.) |
Bibliography note: | Includes bibliographical references |
Languages: | English |
Class number: | KF1263 |
Subjects: | Data protection--Law and legislation ; Data protection--Law and legislation--Europe ; Europe ; Privacy, Right of--Europe |
Description: |
This study reviews the legal and policy frameworks that govern the use of information and communications technology by European Union institutions and agencies in terms of the extent to which they account for information security and data privacy
The first set of findings is presented in Chapter 2, which suggests that legacy equipment, path dependency when it comes to law and policymaking, and the natural conservativeness of a large and complex administrative machine may act as inhibitors to building greater information security in EU institutions and agencies. Examining legal and policy frameworks that govern and regulate the use of ICT across EU institutions and agencies, Chapter 3 finds that the overall tone of EU policy and legal frameworks governing and regulating information security resonates with a model of security based on an internally secure organisation and insecure external environment, which appears to be inconsistent with the latest evolving canon of best practice concerning inter-organisational security |
Contents note: | 1. Introduction 2. European Union ICT requirements and infrastructure 3. Cross-cutting legal and policy frameworks applicable to EU institutions and agencies |
Format : | Open Access |
Access: | http://www.rand.org/pubs/research_reports/RR557.html |
Permalink: | https://isulibrary.isunet.edu/index.php?lvl=notice_display&id=9286 |